Two New Phishing Methods Are Automatically Detected by CallingID
Dallas, TX, August 18, 2005, CallingID (www.callingid.com), a leading provider of anti-phishing solutions, today announced that it has identified two new phishing methods used to fool Internet users into thinking that they are visiting a real website in order to get them to divulge personal information to scammers and identity thieves. CallingID automatically detects these methods and protects the user from sending personal information to scammers.
The new methods are:
1. Sites that use invalid security certificates (usually self-issued certificates) relying on a confusing warning that the browser displays. Users who accept the warning believe they enter a legitimate site. CallingID continuously displays an icon showing that the certificate is invalid, making users aware of the problem.
2. Sites that mask the address bar the user sees with a fake address that fools him into thinking he is visiting a familiar site, persuading him to provide personal information. CallingID detects the masking address and makes the user aware of the problem.
“Using the Internet for eCommerce and online banking has become risky. Users are exposed to sophisticated attempts to steal their identity and their money. They need a solution that automatically protects them from the risks they are exposed to,” said Yoram Nissenboim, CallingID CEO, “Our users reported that with CallingID they feel safe when they access their bank account and that they have increased their shopping on the Web since they know whom they are dealing with.”
CallingID for the Internet protects Web users from inadvertently accessing unreliable sites. It automatically provides the user with information about the authenticity of the site, including website ownership and location, and verifies that the owner is a real organization. If the site owner hides its identity the user is immediately warned. If any of the information is suspicious, like a location in an unexpected country, users are advised to rethink their intention to submit personal information or to place an order from that site. CallingID automatically executes 52 different verification tests and summarizes the results in a simple conclusion: “verified”, “low risk” or “high risk”.
A personal copy of CallingID for the Internet can be downloaded for free from www.callingid.com. Installation is fast and simple.
CallingID’s special banking product, Safety Seal for Online Banking, has two extra protection features:
– The bank customers cannot login by mistake to a site which is not the bank’s real site. .CallingID detects such attempts before the user submits the data and alerts the user to abort.
– Even if the customers’ computer is infected by spyware or Trojan software, his login parameters cannot be identified by that software.
When a bank registers with Safety Seal for Online Banking, all its customers receive a complete solution including CallingID for the Internet and are therefore well protected.
About CallingID
CallingID is a web privacy software company committed to providing critical information needed by its users to protect them from inadvertently submitting information to hostile websites. CallingID’s approach is a natural extension of the phone-based Caller-ID services used to identify callers. CallingID’s offices are located in Dallas, Texas and the R&D team is based in Haifa, Israel.